1. Learning
  2. Courses
  3. SC-401: Administering Information Security in Microsoft 365
  1. Back to course listing

Udemy

SC-401: Administering Information Security in Microsoft 365

Enroll Now
  • 01 Students
  • Updated 1/2026
CTgoodjobs selects quality courses to enhance professionals' competitiveness. By purchasing courses through links on our site, we may receive an affiliate commission.
Save Course Compare

Course Information

Registration period
Year-round Recruitment
Course Level
Short Course
Study Mode
Online
Duration
0 Hour(s) 0 Minute(s)
Language
English
Taught by
Jeff Landry

Course Overview

SC-401: Administering Information Security in Microsoft 365

Study guide for the Microsoft SC-401: Administering Information Security in Microsoft 365 certification.

Exam Overview and Purpose

The Microsoft SC-401 certification exam is designed to validate skills in planning and implementing information security for sensitive data using Microsoft Purview and related services.

The role is intended for Information Security Administrators who protect data in collaboration environments from internal and external threats, and also protect data used by AI services.

Key Skill Domains and Weighting:

The exam is structured around three major skill areas, each approximately equally weighted (30-35 % each):

  • Domain 1: Implement information protection

  • Description: Covers data classification, sensitivity labels, labeling policies, protection settings, and integration across workloads.

  • Domain 2: Implement data loss prevention & retention

  • Description: Involves designing and deploying DLP policies, adaptive protection, endpoint DLP, retention labels/policies.

  • Domain 3: Manage risks, alerts and activities

  • Description: Focuses on Insider Risk Management, alert tuning, forensic evidence, activity investigations, and protecting content for AI environments.

Responsibilities & What the Role Entails:

  • As an Information Security Administrator under SC-401, you are expected to:`

  • Collaborate with governance, data, and security stakeholders to define policies that meet organizational risk and compliance goals.

  • Implement controls in Microsoft 365 (Exchange, SharePoint, OneDrive, Teams) to enforce data protection, retention, and DLP rules.

  • Design, deploy, and manage Insider Risk Management policies, investigate alerts and activities via Purview, and respond appropriately.

  • Ensure that data processed by AI services is protected by applying appropriate policies, labels, and controls.

  • Use Microsoft Purview Audit (and related tools) to investigate, document, and retain evidence of activity.

Exam Logistics and Prerequisites:

  • The exam typically contains 40–60 questions, with formats including multiple choice, case studies, drag-and-drop.

  • Passing score is 700 out of 1,000.

  • Duration is approximately 100 to 120 minutes.

Candidates are expected to have working familiarity with:

  • Microsoft 365 services and their security/compliance features

  • PowerShell scripting

  • Identity and access controls (Microsoft Entra / Azure AD)

  • Microsoft Defender / security solutions integration

See more details

Course Content

  • 1 section(s)
  • Section 1 Practice Tests
See more details

What You’ll Learn

  • Implement information protection., Implement data loss prevention and retention., Manage risks, alerts and activities., Implement controls in Microsoft 365 to enforce data protection, retention, and DLP rules.
See more details
Report

Start FollowingSee all

Save Course
Enroll Now

Free eNewsletter

You will receive below exclusive information:

Sign Up Now

We use cookies to enhance your experience on our website. Please read and confirm your agreement to our Privacy Policy and Terms and Conditions before continue to browse our website.

Read and Agreed